Known Vulnerabilities for products from Working Resources Inc.

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Working Resources Inc.".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-54325 json Not Provided 2026-06-23 2026-06-23
CVE-2026-39959 json Not Provided 2026-04-09 2026-04-09
CVE-2005-0595 json Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand param... Not Provided 2005-05-02 2025-04-03
CVE-2004-2374 json BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, whi... Not Provided 2004-12-31 2025-04-03
CVE-2004-1727 json BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections ... Not Provided 2004-08-20 2025-04-03
CVE-2003-0332 json The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename e... Not Provided 2003-06-09 2025-04-03
CVE-2002-2289 json soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including... Not Provided 2002-12-31 2025-04-03
CVE-2002-2170 json Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP addre... Not Provided 2002-12-31 2025-04-03
CVE-2002-1973 json Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (... Not Provided 2002-12-31 2025-04-03
CVE-2002-1685 json Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attac... Not Provided 2002-12-31 2025-04-03
CVE-2002-1684 json Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal E... Not Provided 2002-12-31 2025-04-03
CVE-2002-1683 json Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary scrip... Not Provided 2002-12-31 2025-04-03
CVE-2002-1541 json BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing a... Not Provided 2003-03-31 2025-04-03
CVE-2002-1023 json BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. Not Provided 2002-10-04 2025-04-03
CVE-2002-1022 json BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to ga... Not Provided 2002-10-04 2025-04-03
CVE-2002-1021 json BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-enc... Not Provided 2002-10-04 2025-04-03
CVE-2002-0800 json BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. Not Provided 2002-08-12 2025-04-03
CVE-2002-0326 json Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possi... Not Provided 2002-06-25 2025-04-03
CVE-2002-0325 json Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified... Not Provided 2002-06-25 2025-04-03
CVE-2001-1140 json BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (n... Not Provided 2001-08-22 2025-04-03
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report